chore(deps): ⬆️ Update dependency next to v14.2.10 [SECURITY] - autoclosed #4425
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: CI | |
on: | |
push: | |
branches: | |
- v2 | |
- v2-develop | |
- '!changeset-release/**' | |
pull_request: | |
types: | |
- opened | |
- reopened | |
- synchronize | |
- ready_for_review | |
- edited | |
concurrency: | |
group: ${{ github.workflow }}-${{ github.ref }} | |
cancel-in-progress: true | |
env: | |
SONAR_TOKEN_REACT: ${{ secrets.SONAR_TOKEN_REACT }} | |
SONAR_TOKEN_VUE: ${{ secrets.SONAR_TOKEN_VUE }} | |
jobs: | |
cache: | |
name: Create cache for all steps | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout code | |
uses: actions/checkout@v4 | |
- name: Install Node.js | |
uses: actions/setup-node@v4 | |
with: | |
node-version-file: '.nvmrc' | |
cache: 'yarn' | |
- name: Install dependencies | |
run: NOT_GENERATE_ICON=true && yarn --immutable | |
commit-lint: | |
name: Validate PR Title (conventional-commit) | |
needs: [cache] | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout repository | |
uses: actions/checkout@v4 | |
- name: Setup node | |
uses: actions/setup-node@v4 | |
with: | |
node-version-file: '.nvmrc' | |
cache: 'yarn' | |
- name: Install dependencies | |
run: NOT_GENERATE_ICON=true && yarn --immutable | |
env: | |
NODE_AUTH_TOKEN: ${{ secrets.NPM_AUTH_TOKEN }} | |
- uses: JulienKode/[email protected] | |
lint: | |
name: Lint | |
needs: [cache] | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout repository | |
uses: actions/checkout@v4 | |
- name: Install Node.js | |
uses: actions/setup-node@v4 | |
with: | |
node-version-file: '.nvmrc' | |
cache: 'yarn' | |
- name: Install dependencies | |
run: yarn --immutable | |
- name: Run linters | |
run: yarn lint | |
build: | |
name: Build Nuxt, Next | |
needs: [cache, lint] | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout repository | |
uses: actions/checkout@v4 | |
- name: Install Node.js | |
uses: actions/setup-node@v4 | |
with: | |
node-version-file: '.nvmrc' | |
cache: 'yarn' | |
- name: Install dependencies | |
run: yarn --immutable | |
- name: Run build | |
run: yarn build | |
build-docs: | |
name: Build Docs | |
needs: [cache, lint] | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout repository | |
uses: actions/checkout@v4 | |
- name: Install Node.js | |
uses: actions/setup-node@v4 | |
with: | |
node-version-file: '.nvmrc' | |
cache: 'yarn' | |
- name: Install dependencies | |
run: yarn --immutable | |
- name: Run build | |
run: yarn build:docs | |
env: | |
DOCS_EXAMPLES_VUE_PATH: 'https://docs.storefrontui.io/v2-vue' | |
DOCS_EXAMPLES_REACT_PATH: 'https://docs.storefrontui.io/v2-react' | |
build-release: | |
name: Build packages for release | |
needs: [cache, lint] | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout repository | |
uses: actions/checkout@v4 | |
- name: Install Node.js | |
uses: actions/setup-node@v4 | |
with: | |
node-version-file: '.nvmrc' | |
cache: 'yarn' | |
- name: Install dependencies | |
run: yarn --immutable | |
- name: Run build | |
run: yarn build:release | |
cypress-vue: | |
name: Run cypress tests(Vue) | |
needs: [cache, lint] | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
- name: Install Node.js | |
uses: actions/setup-node@v4 | |
with: | |
node-version-file: '.nvmrc' | |
cache: 'yarn' | |
- name: Install dependencies | |
run: yarn --immutable | |
- name: Pre-Cypress (build all dependencies) | |
run: yarn test:ci-pre:vue | |
- name: Cypress run | |
uses: cypress-io/[email protected] | |
with: | |
browser: chrome | |
working-directory: apps/test/vue | |
component: true | |
env: | |
CYPRESS_COVERAGE: true | |
- name: Post-Cypress (generate coverage) | |
run: cd apps/test/vue; yarn generate-coverage | |
- name: SonarCloud Scan | |
if: ${{ env.SONAR_TOKEN_VUE }} | |
uses: SonarSource/[email protected] | |
with: | |
projectBaseDir: packages/sfui/frameworks/vue | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN_VUE }} | |
cypress-react: | |
name: Run cypress tests(React) | |
needs: [cache, lint] | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: Install Node.js | |
uses: actions/setup-node@v4 | |
with: | |
node-version-file: '.nvmrc' | |
cache: 'yarn' | |
- name: Install dependencies | |
run: yarn --immutable | |
- name: Pre-Cypress (build all dependencies) | |
run: yarn test:ci-pre:react | |
- name: Cypress run | |
uses: cypress-io/[email protected] | |
with: | |
browser: chrome | |
working-directory: apps/test/react | |
component: true | |
env: | |
CYPRESS_COVERAGE: true | |
- name: Post-Cypress (generate coverage) | |
run: cd apps/test/react; yarn generate-coverage | |
- name: SonarCloud Scan | |
if: ${{ env.SONAR_TOKEN_REACT }} | |
uses: SonarSource/[email protected] | |
with: | |
projectBaseDir: packages/sfui/frameworks/react | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN_REACT }} | |
release-canary: | |
name: Release Canary packages | |
needs: [build, build-release, cypress-react, cypress-vue] | |
if: ${{ github.ref == 'refs/heads/v2-develop' }} | |
# Can't use 'configure-enviroment' because it fails on dev branch | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout code | |
uses: actions/checkout@v4 | |
- name: Install Node.js | |
uses: actions/setup-node@v4 | |
with: | |
node-version-file: '.nvmrc' | |
cache: 'yarn' | |
registry-url: 'https://registry.npmjs.org' | |
- name: Install dependencies | |
run: yarn --immutable | |
- name: Bump package version | |
run: yarn changeset version --snapshot | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
- name: Build packages | |
run: yarn build:release | |
- name: Set yarn config | |
run: | | |
yarn config set npmScopes.storefront-ui.npmAuthToken "\${NODE_AUTH_TOKEN}" | |
yarn config set npmScopes.storefront-ui.npmPublishRegistry 'https://registry.npmjs.org' | |
yarn config set npmScopes.storefront-ui.npmRegistryServer 'https://registry.npmjs.org' | |
- name: Publish canary version | |
run: yarn workspaces foreach --no-private --from '@storefront-ui/*' npm publish --tag canary || true | |
env: | |
# Needs access to publish to npm | |
# refresh token before 22.07.2026 | |
NPM_TOKEN: ${{ secrets.NPM_RELEASE_TOKEN }} | |
NODE_AUTH_TOKEN: ${{ secrets.NPM_RELEASE_TOKEN }} | |
release-rc: | |
name: Release RC packages | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout code | |
uses: actions/checkout@v4 | |
with: | |
ref: ${{ github.event.pull_request.head.sha }} | |
- name: Install Node.js | |
uses: actions/setup-node@v4 | |
with: | |
node-version-file: '.nvmrc' | |
cache: 'yarn' | |
registry-url: 'https://registry.npmjs.org' | |
- name: Install dependencies | |
run: yarn --immutable | |
- name: Save head commit message | |
id: commit_message | |
run: echo "result=$(git log -1 --pretty=%s)" >> $GITHUB_OUTPUT | |
- name: Build packages | |
run: yarn build:release | |
- name: Set yarn config | |
run: | | |
yarn config set npmScopes.storefront-ui.npmAuthToken "\${NODE_AUTH_TOKEN}" | |
yarn config set npmScopes.storefront-ui.npmPublishRegistry 'https://registry.npmjs.org' | |
yarn config set npmScopes.storefront-ui.npmRegistryServer 'https://registry.npmjs.org' | |
- name: Publish release-candidate version | |
# If this is any `v2-release/**` branch AND last commit is made by changeset action and its commit message is with "ci: release (rc)", this happens only after merging changesets changelog PR | |
if: "${{ startsWith( github.event.pull_request.head.ref, 'v2-release' ) && contains( steps.commit_message.outputs.result, 'ci: version packages (rc)' ) }}" | |
run: yarn workspaces foreach --no-private --from '@storefront-ui/*' npm publish --tag rc || true | |
env: | |
# Needs access to publish to npm | |
# refresh token before Saturday, May 25, 2024 | |
NPM_TOKEN: ${{ secrets.NPM_RELEASE_TOKEN }} | |
NODE_AUTH_TOKEN: ${{ secrets.NPM_RELEASE_TOKEN }} | |
release-production: | |
name: Release Production packages | |
runs-on: ubuntu-latest | |
needs: [build, build-release, cypress-react, cypress-vue] | |
if: ${{ github.ref == 'refs/heads/v2' }} | |
steps: | |
- name: Checkout code | |
uses: actions/checkout@v4 | |
with: | |
ref: ${{ github.event.pull_request.head.sha }} | |
- name: Install Node.js | |
uses: actions/setup-node@v4 | |
with: | |
node-version-file: '.nvmrc' | |
cache: 'yarn' | |
registry-url: 'https://registry.npmjs.org' | |
- name: Install dependencies | |
run: yarn --immutable | |
- name: Build packages | |
run: yarn build:release | |
- name: Set yarn config | |
run: | | |
yarn config set npmScopes.storefront-ui.npmAuthToken "\${NODE_AUTH_TOKEN}" | |
yarn config set npmScopes.storefront-ui.npmPublishRegistry 'https://registry.npmjs.org' | |
yarn config set npmScopes.storefront-ui.npmRegistryServer 'https://registry.npmjs.org' | |
- name: Publish Production version package | |
run: yarn workspaces foreach --no-private --from '@storefront-ui/*' npm publish || true | |
env: | |
# Needs access to publish to npm | |
# refresh token before Saturday, May 25, 2024 | |
NPM_TOKEN: ${{ secrets.NPM_RELEASE_TOKEN }} | |
NODE_AUTH_TOKEN: ${{ secrets.NPM_RELEASE_TOKEN }} | |
- name: Create Release Notes | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
run: node releaseNotes.mjs | |
- name: Create PR to v2-develop branch | |
env: | |
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
run: | | |
gh pr create -B v2-develop --title 'chore: automatic sync v2->v2-develop' --body 'This Pull Request is generated automatically with changes pushed into `v2` branch. `v2` and `v2-develop` branches should be in-sync.' --label automerge || true | |
- name: Merge created PR | |
env: | |
GH_TOKEN: ${{ github.token }} | |
run: gh pr merge --auto --merge | |
gg-scanning: | |
name: GitGuardian scan | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
- name: GitGuardian scan | |
uses: GitGuardian/[email protected] | |
with: | |
args: -v | |
env: | |
GITHUB_PUSH_BEFORE_SHA: ${{ github.event.before }} | |
GITHUB_PUSH_BASE_SHA: ${{ github.event.base }} | |
GITHUB_PULL_BASE_SHA: ${{ github.event.pull_request.base.sha }} | |
GITHUB_DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} | |
GITGUARDIAN_API_KEY: ${{ secrets.GITGUARDIAN_API_KEY }} |